Problem description

FreeBSD

Kingcope discovered and posted on Full-disclosure that the Run-Time Link-Editor (rtld) in recent FreeBSD versions has a dangerous bug. An attacker can trick rtld to accept a manipulated LD_PRELOAD environment variable even when executing setugid binaries like "ping" or "su".

FreeBSD

The software will be a file system and software independant synchronous replication which operates on the block-level in a cluster environment. It works over TCP/IP and can use any GEOM providers. Pawel Dawidek has been awarded to implent …